Change8

v2.1.9

📦 vitestView on GitHub →
🐛 2 fixes

Summary

This release patches security vulnerabilities CVE-2025-24963 and CVE-2025-24964 and includes bug fixes such as backporting issue #7317 and restricting served files from `/__screenshot-error`.

Migration Steps

  1. Upgrade to vitest v2.1.9.

🐛 Bug Fixes

  • Backported issue #7317 to the v2 branch (PR #7318) to address the browser mode file serving vulnerability.
  • Backported issue #7340 to the v2 branch, adding a restriction that prevents serving files from the `/__screenshot-error` path.